
CVE-2026-53359 Januscape: 16-Year KVM Flaw Enables VM Escape
CVE-2026-53359 Januscape is a 16-year-old Linux KVM use-after-free that allows guest VM escape to the host on Intel and AMD

CVE-2026-53359 Januscape is a 16-year-old Linux KVM use-after-free that allows guest VM escape to the host on Intel and AMD

China-nexus Operation DragonReturn deploys DcRAT via a cloned Indian tax utility, targeting tax professionals and accountants during India’s filing season.

UK Technology Secretary Liz Kendall launched the Cyber Resilience Pledge with 60 signatories, including Capita, despite its ICO fine for

Canada’s CSE confirmed offensive cyber operations against ransomware gangs, including destroying a gang’s full infrastructure and deleting stolen victim data.

Noma Security’s GitLost technique tricks GitHub Agentic Workflows into leaking private repository contents via public issue comments, with no patch

Sand Security found a one-click session isolation flaw in Writer AI letting attackers access any enterprise tenant’s private models, credentials,

Tokyo police arrested a 15-year-old who used ChatGPT to generate attack code that canceled 46,812 Bandai Channel streaming accounts in

BeyondTrust patched a CVSS 9.2 auth bypass in Remote Support and PRA for SaaS users months ago but withheld notice

CERT/CC disclosed CVE-2026-11405, a hidden backdoor in Tenda router firmware granting unauthenticated full admin access. No vendor patch is available.

Adobe ColdFusion CVE-2026-48282 (CVSS 10) moved from PoC release to confirmed in-the-wild exploitation in under two hours, according to KEVIntel
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.